Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

$2,000 sale shipped without payment!


sk8r

Recommended Posts

About 1 in 20 orders, my OSC store will not even ask for the customer's credit card info, it is as if the entire "Payment Method" is not even showing up. Does this happen to anyone else? The customer's order goes through all the way to confirmation, BUT WITH NO CREDIT CARD INFO ASKED FOR!!!!! :blink:

Link to comment
Share on other sites

It means you have your payment methods set up so they are available in certain zones.

 

The delivery address of the order is not in one of these zones.

 

Either set up a payment method that is not restricted to any one zone or only allow addresses in you zone to be used by your customers.

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

That blows that theory out of the water.

 

How do you stop international and Canadian orders?

Edited by geoffreywalton

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

I know, it says so on your site but do you stop non US addresses being set up?

 

That is probably not important.

 

Have you tried to check out 20 times and found the payment details not appearing or are you assuming this is happening.

 

If this actually happens it is one more piece in the jigsaw.

 

Otherwise it could be that in certain cicumstances the cc details are not being processed correctly.

 

If you are using the stock paypal module it is a known problem that if the customer does not return to your site after ordering the order is not recorded in the db.

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

I know, it says so on your site but do you stop non US addresses being set up?

 

That is probably not important.

 

Have you tried to check out 20 times and found the payment details not appearing or are you assuming this is happening.

 

If this actually happens it is one more piece in the jigsaw.

 

Otherwise it could be that in certain cicumstances the cc details are not being processed correctly.

 

If you are using the stock paypal module it is a known problem that if the customer does not return to your site after ordering the order is not recorded in the db.

 

I have not tried 20 times, but many customers have said the exact same thing; the site did not even ask for their credit card info.

BTW, I live in Norfolk, VA.

 

Cheers!

Link to comment
Share on other sites

Look in admin -> Modules -> payment - then find which one is active

 

It should be the one specific to your payment gateway (e.g PayPal, Authorize.net, Worldpay, secpay, your bank, etc etc)

Link to comment
Share on other sites

You only need to delete it if you do not wish to offer that method - we cannot tell you how to run your business.

 

If by "Credit Card" you mean the standard module that comes with osCommerce then that module is only for testing and not for production use - it is completely insecure and open to hacking leaving your customers open to fraud and you liable to thousands in fines.

 

How did you expect the money to get from the customers typing in their card details into your bank without a company to process the transactions?

Link to comment
Share on other sites

You only need to delete it if you do not wish to offer that method - we cannot tell you how to run your business.

 

If by "Credit Card" you mean the standard module that comes with osCommerce then that module is only for testing and not for production use - it is completely insecure and open to hacking leaving your customers open to fraud and you liable to thousands in fines.

 

How did you expect the money to get from the customers typing in their card details into your bank without a company to process the transactions?

 

All of the credit card info is encrypted and when we download the orders, we have an encryption key. We only process the CC's when the parts are ready to ship. We only use the website to obtain the order and cc info.

Link to comment
Share on other sites

Encryption does not make it secure unless you are fully PCI DSS compliant (and I don't just mean that you've passed a PCI scan)

 

Are you processing the cc details through a manual terminal - this is not permitted

 

Are you storing the cvv/cv2 value? - Again this is specifically banned

Link to comment
Share on other sites

Encryption does not make it secure unless you are fully PCI DSS compliant (and I don't just mean that you've passed a PCI scan)

 

Are you processing the cc details through a manual terminal - this is not permitted

 

Are you storing the cvv/cv2 value? - Again this is specifically banned

 

No, no, and no.

We process over 150 orders per day. We import all of the encrypted cc info into our SCA conversion program, then download it into our M.O.M. software. All CC info is deleted in the admin portion of our site several times daily.

 

By the way, this does not solve the shopping cart issue with no credit card info being asked for on some orders.

Link to comment
Share on other sites

Sounds like you need to disable the cash on delivery and the cc processing modules you have installed.

 

Then install a CC processing module that does not store or transmit the CC details even if they are deleted several times a day.

 

You are on course for major problems with the CC companies. The process you describe above seems to me to be in direct contravention of the PCI guidelines.

Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...